
SANS NewsBites is a semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.

Spend five minutes per week to keep up with the high-level perspective of all the latest security news. New issues are delivered free every Tuesday and Friday.

Volume XII - Issue #56

July 16, 2010

Two government security folks who have done a lot to stop the waste and
make federal systems much harder to compromise are contending with
attacks from others who do not want to admit that change is needed. Four
thoughts help make the personal attacks less painful. They were written
by Kent M. Keith in 1968 as part of a booklet for young leaders and
adapted by Mother Teresa and posted in a more spiritual tone in her home
for children in Calcutta. I am sharing them with the NewsBites audience
in the hope that they will help you, as they do me, when we seek to make
a difference:

- If you do good, people will accuse you of selfish ulterior motives. Do good anyway.
- If you are successful, you will win false friends and true enemies. Succeed anyway.
- The biggest men and women with the biggest ideas can be shot down by the smallest men and women with the smallest minds. Think big anyway.
- Give the world the best you have and you'll get kicked in the teeth. Give the world the best you have anyway.

Alan

-- SANS Network Security 2010, Las Vegas, September 19-27, 2010. 40 courses. Bonus evening presentations include The Return of Command Line Kung Fu and Cyberwar or Business as Usual? The State of US Federal CyberSecurity Initiatives.
http://www.sans.org/network-security-2010/

Senators Introduce 2010 Data Security Act (July 14, 2010)

US Senators Tom Carper (D-Delaware) and Bob Bennett (R-Utah) have reintroduced data protection legislation that would take precedence over current state laws governing data protection and breach notification. The legislation was originally introduced in 2007, but failed to pass. The 2010 Data Security Act would require public and private entities to protect personal data they hold and to notify individuals if the security of their information is compromised. Two other bills that address data privacy and breach notification - the Data Breach Notification Act introduced in January 2009 and the Personal Data Privacy and Security Act introduced in July 2009 - have already cleared the Senate Judiciary Committee and will be considered by the full Senate.
-http://www.nextgov.com/nextgov/ng_20100714_6555.php?oref=topnews

**************************** SPONSORED LINKS **************************
1) SANS Voucher Credits. Save up to 30%. Perfect for Year End budgets. Contact Vouchers@sans.org. (http://www.sans.org/info/62143)

THE REST OF THE WEEK'S NEWS

Former NSA Exec Tried Established Avenues to Voice Concerns Before Talking to Reporter (July 14, 2010)

Former National Security Agency (NSA) executive Thomas A. Drake fruitlessly pursued several sanctioned paths to address his concerns about the exorbitant cost and neglect of privacy concerns in a new data mining tool before deciding to approach a journalist. Drake was concerned that the NSA was planning to replace a data mining system known as ThinThread with one called Trailblazer. ThinThread protected privacy by encrypting identifying information; only when there was ample evidence to justify a warrant would the information be decrypted. Trailblazer did not have the same privacy protection in place and cost ten times more. Thwarted at each turn, Drake at last turned to Baltimore Sun journalist Siobhan Gorman and gave her documents that supported his case. Drake is presently awaiting trial for mishandling classified information and obstruction of justice. He could face up to 35 years in prison.
-http://www.washingtonpost.com/wp-dyn/content/article/2010/07/13/AR2010071305992_pf.html
-http://www.wired.com/threatlevel/2010/07/thomas-drake/

[Editor's Note (Schultz): US government agencies and departments neither appreciate nor deal with concerns very well. Although whistleblowers are in theory protected, for example, in reality they are not. Recently a long-employed employee who turned whistleblower at a Department of Energy site was fired not long after he reported that an employee of that site was not showing up for work. Drake must also have been very frustrated by what he believed amounted to waste--too bad that he stood up for what he believed was the right course of action to the point that he now may be convicted of a crime and end up in prison.
(Paller): When a person signs up to work for a government agency, he is agreeing to abide by the rules. Whistleblower laws protect employees who follow those rules. And if Mr. Drake's complaints to higher-ups in NSA did not have the impact he wanted, he could have taken his concern to a cleared staffer on one of the Congressional intelligence committees.]

Royalty Company Proposes ISPs Pay Filesharing Fees (July 15, 2010)

A UK organization that collects and pays music royalty fees has suggested that Internet service providers (ISPs) pay for pirated music on their networks. PRS for Music/The Mechanical-Copyright Protection Society represents approximately 65,000 songwriters and music publishers. The proposal would have ISPs pay a fee that would be commensurate with the volume of unlicensed music shared; the "fee would be reduced in line with reductions in the volume of unlicensed media transmitted." The Internet Service Providers' Association UK is opposed to the idea.
-http://www.computerworld.com/s/article/9179202/UK_royalty_society_suggests_ISPs_pay_for_pirated_music?taxonomyId=17

Three thousand laptops were stolen from a military contractor's office in March. The theft occurred at the Tampa, Florida offices of iGov, which was contracted to supply the computers to the US Special Operations Command. The incident, which unfolded over the course of nine hours, was caught on surveillance camera; thus far, about 1,900 items have been recovered. The details of the incident were made public when a search warrant seeking phone records of one of the suspects was filed. The stolen laptops reportedly did not contain any military data.
-http://www.channelregister.co.uk/2010/07/14/specops_robbery/
-http://www.tampabay.com/news/publicsafety/crime/article1108521.ece

Bluetooth-Enabled Skimmers Found on Gas Pumps in Southeastern US (July 13, 2010)

A planned talk on the offensive capabilities and operations of China's cyber army has been pulled from the Black Hat line up. Wayne Huang, CTO of Armorize, was scheduled to speak at the conference, but the talk was withdrawn after objections from the Chinese and Taiwanese governments. A description of the talk on the Black Hat website called it "a study of the Cyber Army based on incidences, forensics, and investigation data since 2001." One of the elements of the talk was how China and Taiwan are working together to attack targets worldwide.
-http://threatpost.com/en_us/blogs/talk-chinese-cyber-army-pulled-black-hat-071510
-http://www.eweek.com/c/a/Security/China-Cyber-Army-Talk-Pulled-From-Black-Hat-668887/

[Editor's Comment (Northcutt): I happen to be the marketing chair for SANS Boston starting August 2; if Wayne or Caleb want to contact a few reporters, I will set up a room for them to give their talk in Boston.
-http://www.sans.org/boston-2010/]

**********************************************************************

The Editorial Board of SANS NewsBites

Eugene Schultz, Ph.D., CISM, CISSP is CTO of Emagined Security and the author/co-author of books on Unix security, Internet security, Windows NT/2000 security, incident response, and intrusion detection and prevention. He was also the co-founder and original project manager of the Department of Energy's Computer Incident Advisory Capability (CIAC).

John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.

Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, http://www.sans.edu.

Prof. Howard A. Schmidt is the Cyber Coordinator for the President of the United States.

Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.

Ed Skoudis is co-founder of Inguardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.

Rob Lee is the curriculum lead instructor for the SANS Institute's computer forensic courses (computer-forensics.sans.org) and a Director at the incident response company Mandiant.

Rohit Dhamankar is the Director of Security Research at TippingPoint, where he leads the Digital Vaccine and ThreatLinQ groups. His group develops protection filters to address vulnerabilities, viruses, worms, Trojans, P2P, spyware, and other applications for use in TippingPoint's Intrusion Prevention Systems.

Tom Liston is a Senior Security Consultant and Malware Analyst for Inguardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat and he is a senior Lockheed Martin Fellow.

Ron Dick directed the National Infrastructure Protection Center (NIPC) at the FBI and is the incoming President of the InfraGard National Members Alliance - with 22,000 members.

Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.

David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.

Mark Weatherford, CISSP, CISM, is Chief Information Security Officer of the State of California.

Alan Paller is director of research at the SANS Institute.

Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.

Clint Kreitner is the founding President and CEO of The Center for Internet Security.

Brian Honan is an independent security consultant based in Dublin, Ireland.

David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.

Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit http://portal.sans.org/